CVE-2015-3187

The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:subversion:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.8.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.8.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.8.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.8.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.8.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.8.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.8.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:subversion:1.8.5:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*

Information

Published : 2015-08-12 07:59

Updated : 2017-06-30 18:29


NVD link : CVE-2015-3187

Mitre link : CVE-2015-3187


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

apple

  • xcode

apache

  • subversion